package com.simple.space.modules.shiro.controller;

import com.simple.space.common.constant.Result;
import com.simple.space.modules.shiro.mapper.UserMapper;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @ClassName UserController
 * @Author SimpleTree
 **/
@RestController
@RequestMapping("/user")
public class UserController {

    @Autowired
    private UserMapper userMapper;

    @GetMapping("/getMessage")
    @RequiresRoles(logical = Logical.OR, value = {"user", "admin"})
    public Result getMessage() {
        return new Result(200, "成功");
    }

    @PostMapping("/updatePassword")
    @RequiresRoles(logical = Logical.OR, value = {"user", "admin"})
    public Result updatePassword(String username, String oldPassword, String newPassword) {
        String password = userMapper.getPassword(username);
        if (password.equals(oldPassword)) {
            userMapper.updatePassword(username, newPassword);
        } else {
            return new Result(400, "密码错误");
        }
        return new Result(200, "成功");
    }

    @GetMapping("/getVip")
    @RequiresRoles(logical = Logical.OR,value = {"user","admin"})
    @RequiresPermissions("vip")
    public Result getVipMessage() {
        return new Result(200, "获取vip信息");
    }
}
